Introduce EFIKA_OFW_WORKAROUNDS - patch OFW trampoline for EFIKA.
Long story short, is that SmartFirmware (EFIKA's OpenFirmware) misbehaves
on every OF call from the kernel by zeroing SDR1 and messing with BATs.
In the olden days, these problems were worked around with FIRMWORKSBUGS
option. However, that option does not work currently on EFIKA. Presumaly,
something has changed between 2012 and now, which causes FIRMWORKSBUGS
to hang on SmartFirmware very early (before NetBSD copyright banner is
printed).
So we get this kludge, which only does the bare minimum to let OFW
call succeed, and the kernel continue after the call.
citrus/HZ: Be more careful about encoding buffer.
1. Use unsigned char for chlen, since it's never negative and only
needs to be big enough for the ch array.
2. Expand the ch array by space for two escape sequences, each of
which is two characters.
I don't think it is currently possible with the i18n data we ship
for it to emit two escape sequences in a row -- there is a code
path to do this, but I don't think it can be reached without
setting escape sequences for variable 1 and extending this in some
way. Nevertheless, let's err on the side of safety.
3. Sprinkle assertions everywhere.
PR 59019: various iconv issues
iconv(3): Fix printing bytes on test failure.
Don't sign-extend to a 32-bit quantity causing the left to be padded
with f's; just print the 8-bit quantity.
PR 59019: various iconv issues
Downgrade a very recently added math/cadical to 2.1.3.
Version 3.0.0 isn't supported by cvc5:
https://github.com/cvc5/cvc5/issues/12611
Make other changes to help cvc5 find cadical in /usr/pkg:
- add tracer.hpp
- move headers to include/cadical
Start wiring up MPC5200B support into ofppc port.
Interrupt controller peculiarities, properly gating legacy code under kernel
appropriate options, PSC console support (kludge).
Several enchancements and bug fixes to FEC driver.
- Fix SRAM leak in fec_stop()
- Skip busy wait link-poll on reset and recovery
- Properly program muilticast hash filter
- 802.3 full duplex flow control, advertise and honor received pause
- Statistics exposed via if_stats
- Accept VLAN frames
py-curl: updated to 7.47.0
PycURL 7.47.0 - 2026-06-29
This release adds AsyncCurlMulti (initial async pycurl support), implements a
curl multi notify API, and adds initial free-threaded CPython support. This
release also fixes numerous minor issues and makes tests more reliable.
minizip-ng: updated to 4.2.2
4.2.2
build(deps): bump actions/download-artifact from 7 to 8
build(deps): bump actions/upload-artifact from 6 to 7
fix: warning: '=': narrowing conversion, possible loss of data
docs: update memory stream test link
fix: mz_crypt_aes_set_*_key for GCM on OpenSSL
test: improve: validate cipher bytes after encryption
fix: reject symlink targets that escape extraction dir
libjpeg-turbo: updated to 3.2.0
3.2.0
Fixed a regression introduced by 3.2 beta1[9] that broke Arm64EC Windows builds.
Hardened the PNG writer (which is used by djpeg and tj3SaveImage*()) against applications that may erroneously attempt to write sample values that are out of range for the specified output data precision. This could have caused a buffer overrun in the PNG writer's rescale array if the output data precision was not 8 or 16 bits. The buffer overrun did not likely pose a security risk, since tj3SaveImage*() is not exposed to arbitrary external input data and since a caller that abused the API in the aforementioned manner could never work properly.
Hardened the libjpeg API against hypothetical applications that may erroneously call jpeg_crop_scanline() with buffered-image mode and raw data output enabled. jpeg_crop_scanline() does not work with raw data output, but due to an oversight, it did not throw an error if both buffered-image mode and raw data output were enabled. If a hypothetical application aborted a normal decompression operation without reading any scanlines, started a new decompression operation using the same libjpeg instance with buffered-image mode and raw data output enabled, then called jpeg_crop_scanline() with arguments that would have caused any of the component planes to be cropped to a width of 1 sample, jpeg_crop_scanline() would have used freed memory. However, this did not likely pose a security risk, since an application that abused the API in the aforementioned manner could never work properly.
Fixed a buffer overrun and subsequent segfault in jpegtran that occurred when attempting to use the -crop and -trim options to expand the width of an image narrower than one iMCU, discard partial iMCUs, and fill each block in the expanded region with the DC coefficient of the nearest block in the input image ("flatten.") Similarly, fixed an infinite loop that occurred when attempting to use the -crop and -trim options to expand the width of an image narrower than one iMCU, discard partial iMCUs, and fill the expanded region with repeated reflections of the input image ("reflect.") When the only iMCU column in the input image is partial and partial iMCUs are trimmed, the flatten and reflect extensions cannot work properly, so jpegtran now throws an error if that is the case. These issues were confined to the jpegtran application and thus did not pose a security risk.